On Monday, 12 December 2016 at 12:30, Jan Kurik wrote: > = Proposed Self Contained Change: Golang buildmode PIE = > https://fedoraproject.org/wiki/Changes/golang-buildmode-pie > > Change owner(s): > * Jakub Čajka <jcajka AT fedoraproject DOT org> > > Change default build mode of golang in Fedora packaging macros to > buildmode=pie, which results in packages using them to produce > Position Independent Executables. Another part of the change is to > pass the Fedora hardened linker flags to the external linker(regular > system linker). In result reducing exploit-ability of binaries. > > > == Detailed Description == > Change default build mode of golang in Fedora packaging macros to > buildmode=pie, which results in packages using them to produce > Position Independent Executables. Another part of the change is to > pass the Fedora hardened linker flags to the external linker(regular > system linker). This will only affect packages that depend on golang > packaging macros for their build. This should be first step towards > mandating this on all packages that provide binaries based on golang > in whole distribution via Go packaging guidelines(which is out of > scope for this change proposal). Nowhere in the description do you mention the performance impact of enabling PIE on the resulting binaries. It's well known that there is a non-negligible overhead on i686 due to PIC/PIE requiring an additional register. The impact on x86_64 is actually negligible, but as far as I know, PowerPC is also impacted due to different addressing mode, though I'm not sure how much. Did you run any benchmarks? Regards, Dominik -- Fedora http://fedoraproject.org/wiki/User:Rathann RPMFusion http://rpmfusion.org "Faith manages." -- Delenn to Lennier in Babylon 5:"Confessions and Lamentations" _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
